Cyber partnerships are a crosscutting enabler of the pillars in any country’s cybersecurity strategy.

Cyber partnerships, especially those focused on cyber information sharing, are a key means to achieving the goal of better managing and mitigating cyber risks to improve national, regional, and local cyber defenses. Additionally, cyber information-sharing partnerships can stimulate regional economies through a collaborative focus on education, workforce development, innovation, and research and development (R&D).

Based on lessons learned from the evolution of cyber information-sharing in the United States and case studies of three regional Information Sharing and Analysis Organizations (ISAOs) instantiated within the last five years, MITRE developed 11 recommendations (below) for building a national unclassified cyber information-sharing ecosystem. By using a trusted, independent, third-party as a unifying virtual hub, regional ISAOs can better serve as growth catalysts for a national, unclassified cyber information-sharing ecosystem and remain focused on cyber defense and regional cyber economic development.

Recommendations for building a national unclassified cyber information-sharing ecosystem

Convene workshops to collaboratively develop a strategy and roadmap for an unclassified cyber information-sharing ecosystem.

Enact legislation to catalyze the formation of a diversity of sharing centers.

Incrementally build the cyber information-sharing ecosystem from a strategic roadmap.

Catalyze ecosystem growth with cross-sector regional sharing groups.

Articulate the role of the government.

Articulate the missions and establish a differentiating value proposition.

Develop membership criteria and a governance model.

Establish foundations of trust.

Share the right data in the right way.

Actively manage cyber diversity.

Stimulate private-sector participation.

We expect cyber information-sharing partnerships to continue to form and grow, especially regionally, with an increasing diversity of domains and sectors. Using current trends and innovations, the report also provides a glimpse of what future cyber information-sharing partnerships could entail:

Cyber information-sharing partnerships will proliferate, especially regionally, and the diversity of the domains and sectors they serve will increase.

The trend of forming information-sharing organizations will mimic the hype cycle, with the current state being somewhere near the peak between mass-media hype and supplier proliferation. Eventually, there will be some consolidation before trekking up the slope of enlightenment.

The certification of partnership entities will enable federations and federations-of-federations to form as trust circles organized by region, business domain, and purpose.

Internet of Things consortia will begin to rapidly form to share cyber information associated with the intersection of device security and safety (e.g., medical devices, autonomous vehicles, on-board avionics).

ISAO-like models will be repurposed to facilitate sharing within government organizations (e.g., intra-government ISAOs) as public partnerships.

ISAO-like models will be repurposed for use in non-cyber domains (e.g., elections, fraud prevention).

Sharing will increasingly occur as machine-to-machine transactions that are managed by trust contracts and chronicled as transactions on blockchain infrastructures.

Shared information will increasingly incorporate adversary behavior elements and behavioral analytics, which are designed to detect real-time behavioral patterns of an unfolding cyber-attack.

By unifying ISAOs into a cooperative sharing federation guided by a strategic plan largely driven by the private sector, a cyber information-sharing ecosystem will emerge by design. The ecosystem will provide stronger national, regional, and local cyber defenses and catalyze state and metropolitan cyber economies.

The MITRE Corporation is a private, not-for-profit organization that manages and operates seven federally funded research and development centers that support U.S. Government sponsors. MITRE applies science, technology, systems engineering, and strategy to complex problems of global significance in the areas of aviation, critical infrastructure, cybersecurity, and defense.

About Bruce Bakis

Bruce J. Bakis is the Manager of Cyber Information Sharing Partnerships at The MITRE Corporation. In his “Johnny Appleseed” role, Bakis focuses on cyber information-sharing partnerships and corporate cyber initiatives. Bakis serves on the Core Development Team of the Information Sharing and Analysis Organization (ISAO) Creation Working Group of the ISAO Standards Organization. He also serves on the Executive Committee of George Washington University’s Institute for Information Infrastructure Protection. Additionally, Bakis serves on the Steering Committee of the ACSC, a cross-sector ISAO in Massachusetts. Bruce Bakis can be reached here.

About Edward D. Wang

Edward D. Wang is a thought leader and regular contributor to the Cyber Information Sharing Partnerships activity at The MITRE Corporation. He specializes in Strategic Enterprise Planning and Execution and Organizational Development, with a focus on cyber information sharing. At MITRE, Wang has worked to establish best practices for developing these partnerships. He has engaged with multiple domestic and international organizations to guide the growth of the cyber information-sharing partnership ecosystem by applying those best practices in a consistent and effective manner. Wang brings 20 years of industry experience in software development, systems integration, information technology strategy, and cyber information sharing from both the public and private sectors. Edward Wang can be reached here.

Learn More from our Cyber Bloggers!

Enjoy hearing about the latest cyber trends and strategies? MITRE's Cyber Connections & Directions collection keeps you up to date on big-picture trends and strategies. We invite you to sort by topic or view the entire collection.

MITRE intends to maintain a website that is fully accessible to all individuals. If you are unable to search or apply for jobs and would like to request a reasonable accommodation for any part of MITRE’s employment process, please contact MITRE’s Recruiting Help Line at 703-983-8226 or email at recruitinghelp@mitre.org